1

The Apple Push Services certifcate is about to expire in a few days.

To renew the certificate a new certificate has to be requested, and then the current certificate can be rewoked (or left to expire..). The new certificate then has to be uploaded to the service used to handle the notifications (in my case Firebase Messaging).

I have a hard time wrapping my head around who can update the certificates, without breaking the push-notifications and causing the app to be updated.

  1. Does the new certificate has to be requested by the same APPLE-ID as the current? Or can anyone else of the mantainers with role "Admin" or "App Manager" (https://appstoreconnect.apple.com/access/users) update it with their account?

  2. The .CSR file from Apple Keychain can be created by any APPLE-ID, or only by the APPLE-ID who created the original? Do I need the original .CSR from the current certificate?

user1671375
  • 269
  • 1
  • 3
  • 10

1 Answers1

1

The Apple ID of the requester does not really matter. As long as they belong to the same team on App Store Connect and have the necessary rights, they can do that. The fastest way is probably using a tool like https://docs.fastlane.tools/actions/pem/ or kind of the "web version" of that https://onesignal.com/provisionator

Max
  • 5,972
  • 1
  • 24
  • 34